Iron Tiger group creates Linux version of its custom malware
According to research recently published by cybersecurity firm Trend Micro, Iron Tiger, a Chinese-speaking threat group known for targeting organisations in East Asia, has created a Linux version of its custom malware known as SysUpdate.
The malware is designed to evade detection and provide persistent backdoor access to targeted systems: the Linux version is similar to its Windows counterpart, and is capable of performing various malicious activities such as executing shell commands, stealing sensitive information, and uploading and downloading files to and from the compromised system.
Iron Tiger has been active since at least 2010 and has targeted various industries, including telecommunications, government and military.
The researchers suggest that this move may be part of a wider effort by Iron Tiger to expand its toolset and increase its ability to target a wider range of systems.
Indicator of Compromise
| SHA256 |
|---|
| 6d9031eb617096439bc8c8f7c32f4a11ffefc4326d99229fc78722873092e400 |
| 11f21d08f819dea21a09c602a4391142a5648f3e17a07a24d41418fcc17ea83f |
| 9add546cb9527f9d7e4930aaddec6e14c70d1400d0d531a9102efd4c83b27dd7 |
| 3ac029e49ca71d948bfe1a7bc691967cf26cb5a731c7807d5be3cf6b579fa8ab |
| 2ada1b48457c169cf3f80e248190374102615e2c89b70e574fba4ddc09b5fcd5 |
| 09a3231a300d794010c3f400617cd0b1b7aab7141735a2b8635a8362584e196d |
| c65c435737ac02132d9dfeb6ec1d7d903648f61ecdda8a85b4250f064cb4673f |
| 43ae4e624413a587667027c03416d78b2515ac9081b8c9c967aadb1157f49e55 |
| b92a9dcdcf0bec8cd1e8b701dbf7bd6f7e68473a9e711267a4af8e4be783bb1e |
| 08dd5a9fdc387855fb5a23c167abec63b22272f66de099155036c5ce7e4deeb8 |
| 1e2b05838edfb0460fc97e2d7bab2271891c55ca0c895d4db30cf2acfaea51d2 |
| d950cc937f4df9ab0bad44513d23ea7ecdfae2b0de8ba351018de5fb5d7b1382 |
| b504ab7a4a35e6deb34536d4663db696918961aadc03662b2c34e89b50ba10a1 |
| a8527a88fb9a48f043a0b762c7431fb52e601b72ff2fa0d35327e5cc72404edc |
| 0daa82650712f2338803521969f7dc7deebba0e34c4797a9e39d99595d7eb423 |
| 9499eabf880a55522c1b78d5afaa9ff34ae958950627ccd15099f2e771c9b0b1 |
| ff6502b16b0c2eebef15964fd6fcc60c23b4afa88bebe99cfc54ee73f11aeb62 |
| 735eddc24aa98f30d8e6839dc8c669f565aa760952af8d00d4f6fbfe6776631d |
| ba1dabf7ff0a4bca8d7ff6e541b1930fc8328d240ba8a56ede96cc203daf6772 |
| 2027784b3f0e8e5f6add0aa42c6b9b6ea3e3e1af6373a465cb57b145d24373bf |
| 76b5fa39d5b519e82e63466df1a6b2068cc9754343efbabf862924557c0fc213 |
| 0cd3df91582551182a0decf662a112e59591cf07f3d107f09df3194f7d498e62 |
| 83209d9b8ebd0add8665e533d0948ae4e878ccc21ba5e3b00bea8833b59acf9a |
| ba484eebda8dbe07b36eb07fa6c5cbb8d1dcc6638808cdcf7f33d7bab51d2805 |
| 123880edc91f7dc033a769d9523f783f7b426673ee95e9e33654cdfa95a6462c |
| fac0009d615e98238cf348819b21f0dbbb462653c2257f1c6ef552838894e166 |
| 39f90ef532307c23f485f6d337fd820651581aeb72f678477bcb106a3d831997 |
| ed5047461b2cccac4e81bd9fa73469d69468521174b981b5f76abb450c6fdabe |
| cc196ee155bf864071cbeec3ddcd3e2451a37d4296f53a024142c70193b9691d |
| 3f808df5af6889c2219fd4982dd49946535528237cc00530cce5c69c3e7f0e34 |
| aad2e40411aa08e398cdf7397c7a1b3b7ab2a5ba833b6d65f68b145d51c2ed05 |
| c256b85747ad81e3f3f6c49ce496e77f024b302f921cb007a5f5375ac5b672d7 |